British firm asked to change name as it could be used to hack websites | Tech News

British firm asked to change name as it could be used to hack websites

A vulnerable website could have compromised itself just by just mentioning the company name. 

By: HT TECH
| Updated on: Aug 20 2022, 23:49 IST
It started as a Script joke
It started as a Script joke (Pixabay)
It started as a Script joke
It started as a Script joke (Pixabay)

The UK business registrar Companies House has forced a software consultant to change its name after discovering it could lead to cross-site scripting attacks.

The British software engineer had kept his company's name ““><SCRIPT SRC=HTTPS://MJT.XSS.HT> LTD”. The name could have led to vulnerable websites to execute a script from the site XSS Hunter, which allows devs to discover cross-site scripting errors. It would have affected websites that don't handle the HTML Code properly and could have mistaken them as blank in the company name section.

ALSO READ: Chrome, iOS 14, Windows, and more breached at China's top hacking content

“A company was registered using characters that could have presented a security risk to a small number of our customers, if published on unprotected external websites. We have taken immediate steps to mitigate this risk and have put measures in place to prevent a similar occurrence. We are confident that Companies House services remain secure,” a Companies House spokesperson is quoted as saying.

Following the directive, the consultant has renamed his company to “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD”. The consultant said he kept the older name thinking it would be a “fun and playful name.”

ALSO READ: Lawsuit accuses Indian hackers of leaking businessman's emails

According to The Guardian, many companies have kept such code-based names. Some companies which are guilty of such names are “; DROP TABLE “COMPANIES”;-- LTD”, which is said to be inspired by a popular XKCD webcomic. Unlike the previous occasions, it is the first time to elicit a response from the authorities.

As Engadget points out, it is weird that a simple code-based name could cause so much of a problem to a large number of websites. At the same time, it also highlights how fragile the digital space is right now.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 09 Nov, 12:11 IST
NEXT ARTICLE BEGINS